EAGER: Social Media Based Early Cybersecurity Threat Detection

EAGER：基于社交媒体的早期网络安全威胁检测

• 批准号: 2141095
• 负责人: Chang-Tien Lu
• 金额: $ 10万
• 依托单位: Virginia Polytechnic Institute and State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-10-01 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2141095&HistoricalAwards=false
• 关键词: EAGER; Social; Media; Based; Early

Society’s ever-increasing reliance on the complex digital world with a huge repository of highly confidential and private data has made maintaining cybersecurity an uncompromising task for organizations. The loss incurred by the US healthcare system due to ransomware attacks has exceeded 157 million dollars since 2016. Traditionally, cyberattack detection techniques leverage network traffic data to detect certain types of attacks. However, this kind of approach is difficult to generalize. Furthermore, the requisite data is too expensive to obtain and information about organizational compromise can often originate outside the institution. Hence, open source indicators like social media platforms, which propagate rich security-related discussions for ongoing cyberattacks, can be inexpensive yet effective sources of data for an early cyberattack detection system. This project aims to implement a social media based multitask active learning framework for early cybersecurity threat detection. Its reliance on open source data will generalize the application of the research across different target entities. The project will produce a theoretical framework for teaching cyberattack detection or social media mining, providing academia and the industry a broader understanding of fundamental methodological approaches.This research will design the solution through different interconnected research thrusts. The key challenges in social media based cyberattack detection are lack of comprehensive ground truth data and expensive labeling effort. The project tackles this problem by innovatively incorporating both dynamic query expansion and active learning. The dynamic query expansion component provides an effective procedure to collect domain specific labeled data while the active learning module interactively updates the training dataset by labeling the data collected outside the constraints of the dynamic query expansion. Furthermore, to address the problem of generalizing over various types of cyberattacks, the project explores a novel multitask learning framework with message passing mechanism to model varied and distinctive types of cybersecurity events. Additionally, the investigator intends to implement a visual interface which explores novel deep learning-based storyline generation techniques for the detected security events which will provide an interpretable visual analysis of cybersecurity related incidents for different organizations across time.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

社会对拥有大量高度机密和私人数据的复杂数字世界的日益依赖，使维护网络安全成为组织的一项不可妥协的任务。自2016年以来，美国医疗系统因勒索软件攻击而遭受的损失已超过1.57亿美元。传统上，网络攻击检测技术利用网络流量数据来检测特定类型的攻击。然而，这种方法很难一概而论。此外，获取必要数据的成本太高，而且有关组织妥协的信息往往来自机构以外。因此，像社交媒体平台这样的开源指标，可以为正在进行的网络攻击传播丰富的与安全相关的讨论，对于早期的网络攻击检测系统来说，可能是廉价而有效的数据来源。该项目旨在实施一个基于社交媒体的多任务主动学习框架，用于早期检测网络安全威胁。它对开放源码数据的依赖将推广这项研究在不同目标实体中的应用。该项目将为教授网络攻击检测或社交媒体挖掘提供一个理论框架，让学术界和业界更广泛地了解基本的方法方法。这项研究将通过不同相互关联的研究推力来设计解决方案。基于社交媒体的网络攻击检测的关键挑战是缺乏全面的地面事实数据和昂贵的标签工作。该项目通过创新性地将动态查询扩展和主动学习结合在一起来解决这个问题。动态查询扩展组件提供了收集领域特定标记数据的有效过程，而主动学习模块通过标记在动态查询扩展的约束之外收集的数据来交互地更新训练数据集。此外，为了解决对各种类型的网络攻击进行泛化的问题，该项目探索了一个具有消息传递机制的新的多任务学习框架，以对各种不同类型的网络安全事件进行建模。此外，调查员打算实现一个可视化界面，该界面为检测到的安全事件探索基于深度学习的新颖故事情节生成技术，将为不同组织随时间推移提供与网络安全相关的事件的可解释视觉分析。该奖项反映了NSF的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

From Guest to Family: An Innovative Framework for Enhancing Memorable Experiences in the Hotel Industry

• DOI: 10.1145/3625007.3632331
• 发表时间: 2023-11
• 期刊: Proceedings of the International Conference on Advances in Social Networks Analysis and Mining
• 作者: Abdulaziz Alhamadani;Khadija Althubiti;Shailik Sarkar;Jianfeng He;Lulwah Alkulaib;Srishti Behal;M. Khan;Chang-Tien Lu

Explainable Prediction of the Severity of COVID-19 Outbreak for US Counties

• DOI: 10.1109/bigdata55660.2022.10020969
• 发表时间: 2022-12
• 期刊: 2022 IEEE International Conference on Big Data (Big Data)
• 作者: Shailik Sarkar;Abdulaziz Alhamadani;Chang-Tien Lu

Predicting Depression and Anxiety on Reddit: a Multi-task Learning Approach

• DOI: 10.1109/asonam55673.2022.10068655
• 发表时间: 2022-11
• 期刊: 2022 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM)
• 作者: Shailik Sarkar;Abdulaziz Alhamadani;Lulwah Alkulaib;Chang-Tien Lu

PRISTINE: Semi-supervised Deep Learning Opioid Crisis Detection on Reddit

• DOI: 10.1109/asonam55673.2022.10068721
• 发表时间: 2022-11
• 期刊: 2022 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM)
• 作者: Abdulaziz Alhamadani;Shailik Sarkar;Lulwah Alkulaib;Chang-Tien Lu

More than Just a Diagnosis: A Multi-Task Approach to Analyzing Bipolar Disorder on Reddit via DeMHeM

• DOI: 10.1109/bigdata59044.2023.10386934
• 发表时间: 2023-12
• 期刊: 2023 IEEE International Conference on Big Data (BigData)
• 作者: Rocco Zhang;Shailik Sarkar;Abdulaziz Alhamadani;Chang-Tien Lu